Joel - Consultant SAP GRC

SAP Security and authorization Specialist

Successful Symphony Project Go live China 02/12/2019.
Successful Symphony Project Go live Spain.
Successful Symphony Project Go live Italy.
SAP Transportation Management.
• Design the role matrix
• Define the business function, and build the role base on the business
requirement
• Implement a customization authorization for the charges tab
• maintain queries
• create and maintain Profile and layout
• Troubleshooting Security and Authorization via

At NESTLE Globe Vevey
SAP Security and authorization Specialist
SAP Security & Authorization Specialist
Supporting Project/Business End Users
Project DGLB-110598-GLS: PI 7.4 Build and Preparation (migration of XI to PI)
Project DGLB-106583-Nespresso Phase 2 Functional (Extension of Roles to
Nespresso)
Project DGLB-112085 CTA-Wave2 Audit SAP_ALL: Replace of SAP_ALL to 6000 RFC
users with a specific role.
Project DGLB-112743 CTA-Wave2-Security: Resource Allocations (Baskets review)
Enhancement of the restriction to 3500 users on S_DATASET
Project DGLB-107296 BP&M 2015 Releases Marketing & Sales (RDS and New Roles)
Project DGLB-106737 Audit ZCMCL (custom transaction of BD87) enhance the
restriction to 3500 support users and 250.000 end users
Project DGLB 106739 Implement the new process to restriction Confidential
Interface on to “S_XMB_MONI” using UME actions .XML files for 16000 users
• Assigning Roles and users using CUA system.
• Redesign 600 roles based on the maximum of profile reach to one single
role for the developer community
• Creating of SAP IDs using SU01, SU10,
• Creating Custom Transaction using SE93
• Creating authorisation object and field,
• Promoting the field to ORG level
• Troubleshooting S&A issues using Transactions ST01, SU53, SCUL, BD87,
and utilising support sources SAP OSS.
• Creation of end-user documents e.g. SAP user guides.
• Supporting Project teams in the delivery of project deliverables.
• Creating Single and Composite Roles .and Derive Roles
• Generating Profiles for End users using Transaction PFCG.
• Transport management via Transactions SE01/SE10.
• Initial Testing of new roles for end users using Transaction PFCG.
• Managing System Audit using Transactions SM19, SM20, and SUIM.
• Execution of User Comparison using Transactions PFCG, PFUD or scheduling
PFCG_TIME_DEPENDENCY using Transactions SM37/SM36.
• JAVA Single Stack and Dual Stack role creation
• JAVA User Administration

S&A of SAP HANA
• Grant/revoke roles and users
• Grant/revoke privilege to roles
• Create user and role using SQL syntax and HANA Studio
• Create hierarchy roles for user
• Create analytic privilege
• Perform analytic privilege check
• Using privileges to impose restriction on operation carry on certain object.
Via different actions( System privilege, Object privilege, Analytical privilege,
Package privilege and application privilege
• Controlling access to Hana data model (attribute view, analytic view,
calculation view) and restrict a given data container to selected attribute
value(fields from attribute view) via analytical privilege
• Auditing on database object
• Enforcing encryption on Communication encryption (on client
connection)Data encryption (data volume on the disc)Secure internal
credential store for application
• Performing trace Via system panel for critical events for security and
compliance.(User, role and privilege change, configuration changes)and
Data access logging (read and write access for tables and view)
• Using, Flat file, SLT and BODS to bring data to SAP HANA
• Transport package via delivery unit

S&A Administration of SAP CRM 7
• Creation of CRM Business Roles using SPRO and corresponding PFCG roles
• Creation of custom transaction,
• Creating variant roles
• Testing for new role to define new Object
• Addition of users to CRM Org Structure using Tranx PPOMA_CRM

S&A Administration of SAP BW 3.5
• Supporting users on BW 3.5
• Creation of BW Analysis Authorisations for BI Reporting using Tranx
RSECADMIN
• Troubleshooting BW report access issues using Tranx ST01 and RSECADMIN

SAP Security and authorization Specialist

SAP R/3 Implementation and Post Go-Live Support projects in Oil Industry
SAP Security & Authorization Consultant:
• Supporting Project/Business End Users.
• Managing and supporting SAP CUA system.
• Creating of SAP IDs using SU01, SU10, and SECATT scripts.
• Troubleshooting S&A issues using Transactions ST01, SU53, SCUL, BD87,
and utilising support sources SAP OSS.
• Creation of end-user documents e.g. SAP user guides.
• Supporting Project teams in the delivery of project deliverables.
• Creating Single and Composite Roles.
• Generating Profiles for End users using Transaction PFCG.
• Transport management via Transactions SE01/SE10.
• Initial Testing of new roles for end users using Transaction PFCG.
• Managing System Audit using Transactions SM19, SM20, and SUIM.
SAP Governance, Risk & Compliance Administration: 10
• Redesign Security roles based on SOD conflicts.
• Used GRC 10 to run simulation and rule sets against new roles to determine
any SOD violations and document any remediation.
• Perform risk analysis at user level and role level
• Create firefighter ID to provide emergency access.
• Assign owners to Firefighter IDs
• Maintain firefigher and controller assignments
• Tested Firefighter role and user assignments.
• Analyse custom transactions and create rule sets.
• Maintain / enforced SOD rules during role redesign project.
• Manage mitigating controls assigned to users, roles and profiles to mitigate
access rule violations
• Display reports for managing risks, managing access, managing incidents,
SPM, and opportunities.
• Create, maintain, lock and unlock users and change passwords.
• Create and maintain simple roles and derived roles.
• Maintain transaction selections and authorization data in roles.
• Generate authorization profiles, Assign roles and profiles to Users in CUA
• Execution of User Comparison using Transactions PFCG, PFUD or scheduling
PFCG_TIME_DEPENDENCY using Transactions SM37/SM36.

S&A Administration of SAP BW 3.5
• Creation of BI Analysis Authorisations for BI Reporting using Transaction
RSECADMIN.
• Creating of BI Single and Composite roles [Transaction PFCG] and Portal
roles/groups for report access.

IT Technical Support

Providing one to one user problem resolution, and installing of new software
and computer Systems Company wide.

for HTTP call issue

SAP Governance, Risk & Compliance Administration: 10
• Configure and maintain GRC system, and redesign Security roles based on
SOD conflicts.
• Used GRC 10 to run simulation and rule sets against new roles to determine
any SOD violations and document any remediation.
• Create firefighter ID to provide emergency access, and perform risk analysis
• Maintain firefighter and controller assignments, and assign owner to the FF
IDs
• Tested Firefighter role and user assignments.
• Assist business stakeholders for the System Acceptance Test (SATP) for final
formal testing validation as per GXP
• Analyse custom transactions and create rule sets.
• Maintain / enforced SOD rules during role redesign project.
• Create and maintain simple roles and derived roles.
• Maintain transaction selections and authorization data in roles.
• Generate authorization profiles, Assign roles and profiles to Users in CUA
• Execution of User Comparison using Transactions PFCG, PFUD or scheduling
PFCG_TIME_DEPENDENCY using Transactions SM37/SM36.

Migration SAPEHP6 to SAPEHP8
• SU25 perform.
• Upgrade of the SU24.
• Resolve the objects inconsistent.
• Use SU24 to adjust the authorization defaults.
• Maintain, and test all roles impacted.


S&A Administration of SAP BW 3.5
• Creation of BI Analysis Authorisations for BI Reporting using Transaction
RSECADMIN.
• Creating of BI Single and Composite roles [Transaction PFCG] and Portal
roles/groups for report access.
• Definition of BI role for end user access via BEx Analyser/Query Designer to
execute report or query
• Made custom Authorization objects security relevant and checked for the
appropriate info cube
• Troubleshooting Security and Authorization BI issues using Transaction
ST01, SCUL, RSECADMIN, RSA1, RSRT, RSD1
• Transport management via Transactions SE01/SE10
• Managing System Audit using Transactions SM19, SM20, and SUIM

S&A Administration of SAP BO 4.1, 4.2
• Users and users groups Management using the CMC
• Authorisation and access privileges via IDT
• Application Management using CMC
• Content management by performing access permission on the Folder
• Troubleshooting Security and Authorization BO Via the trace on the CMC
• Advanced rights (performing access privileges on the applications, reports,
and universes)
• Custom access level (performing access privileges on the applications,
reports, and universes)
• Event management

S&A Administration of SAP HCM
• Design, develop and maintain SAP HCM security roles and Webdynro
authorization.
• Execute PA20, PPOSE, and PP01…...
• Troubleshooting Security and Authorization issues using Transactions ST01,
SU53, SCUL, and BD87.
• Perform analysis for audit requests on RFC users.
• Communicate and translate SAP HR authorization requirements among
business process owners
• User Administration
• Works with the business process team to build SAP authorization
assignments and facilitate resolutions on segregation of duties (SOD)
conflicts
SAP HANA Security
• Implement a security model on HANA SPS 09 using system privileges,
analytical privileges, SQL privileges, package privileges, application
privileges and pre-defined roles:
• Create role and user via syntax SQL and Hana studio.
• Perform security and authorization troubleshooting
• Hana User administration
• Export/import SAP HANA Database objects.
• Data replication via BODS and SLT
• Upload data from flat file
• Set up SLT connection to Hana
• Create Schema, package, attribute view, and restricted column,